Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

70 matches found

CNVD
CNVDadded 2016/11/23 12:0 a.m.1 views

AppFusions Doxygen for Atlassian Confluence Cross-Site Scripting Vulnerability

Doxygen is a popular documentation generator and tool for writing software reference documentation. A cross-site scripting vulnerability exists in AppFusions Doxygen for Atlassian Confluence where the parameter file is not filtered in the DoxygenFileServlet.java file. This allows an attacker to...

6.3AI score
Exploits0References1
seebug.org
seebug.orgadded 2016/08/10 12:0 a.m.11 views

Tyco Cms download.php parameter file arbitrary File Download vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2016/06/17 12:0 a.m.34 views

Times bright China e-Learning system /resin-doc/examples/security-basic/viewfile parameter file arbitrary file read vulnerability

No description provided by source...

7.1AI score
Exploits0
OSV
OSVadded 2016/04/05 8:59 p.m.4 views

UBUNTU-CVE-2016-3125

The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...

7.5CVSS5.8AI score0.06979EPSS
Exploits0References5
Mageia
Mageiaadded 2015/02/09 9:44 p.m.31 views

Updated moodle packages fix CVE-2015-1493

Updated moodle package fixes security vulnerability: In Moodle before 2.6.8, parameter "file" passed to scripts serving JS was not always cleaned from including "../" in the path, allowing to read files located outside of moodle directory. All OS's are affected, but especially vulnerable are...

6.8CVSS6.3AI score0.02638EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2013/08/30 12:0 a.m.16 views

WP Online Store Plugin for WordPress Multiple Parameter File Disclosure

The WP Online Store Plugin for WordPress installed on the remote host is affected by an information disclosure vulnerability due to a failure to properly sanitize user-supplied input to the 'turl' and 'file' parameters. An unauthenticated, remote attacker can exploit this to view arbitrary files ...

5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2010/11/08 12:0 a.m.34 views

eLouai's Force Download Script file Parameter File Disclosure

The version of eLouai's Force Download Script hosted on the remote web server does not sanitize user-supplied input to the 'file' parameter before using it to return the contents of a file. An unauthenticated, remote attacker can exploit this issue to disclose the contents of sensitive files on t...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2006/12/01 12:0 a.m.17 views

Serendipity serendipity[charset] Parameter Local File Inclusion

Binary data 3835.prm...

7.5CVSS7.3AI score0.04299EPSS
Exploits2References3
securityvulns
securityvulnsadded 2006/05/16 12:0 a.m.42 views

[SA20119] TR Newsportal "file_newsportal" Parameter File Inclusion Vulnerability

TITLE: TR Newsportal "filenewsportal" Parameter File Inclusion Vulnerability SECUNIA ADVISORY ID: SA20119 VERIFY ADVISORY: http://secunia.com/advisories/20119/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: TR Newsportal 0.x http://secunia.com/product/9955/...

0.3AI score
Exploits0
Vulnrichment
Vulnrichmentadded 1999/09/29 4:0 a.m.15 views

CVE-1999-0036

IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files...

6.9AI score0.01413EPSS
Exploits0References4
Rows per page
Query Builder